Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Malware inside PDF Files

Published: 2010-07-04
Last Updated: 2010-07-04 18:45:57 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
3 comment(s)

There is an interesting trend of malware: Javascript Malware inside PDF files. Many people have not updated their programs to read PDF files (I have seen personally people with Adobe Reader 5 on their computers) and so they are exposed to old exploits.

There is an interesting analysis posted by Kimberly (http://stopmalvertising.com/malware-reports/analysis-of-wzzc_pdf-exploitjspdfkacnk) that shows a Obfuscated Javascript inside a PDF file taking advantage of CVE-2008-2992 and CVE-2009-0927. The Wepawet service (http://wepawet.iseclab.org) shows possible malware inside PDF files.

Please remember: if a new version for a software goes out and it does not affect your operation, please use it. It will help you to prevent future headaches.

-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org

3 comment(s)
Diary Archives